mirror of https://github.com/jacekkow/keycloak-protocol-cas
blame | history | patch | commit | commitdiff | ignore whitespace
github-actions
2023-10-05 e46d5b727f0206f04b41a511d73f8b9510f97501 
 src/main/java/org/keycloak/protocol/cas/endpoints/SamlValidateEndpoint.java


@@ -1,5 +1,10 @@


package org.keycloak.protocol.cas.endpoints;




import jakarta.ws.rs.Consumes;


import jakarta.ws.rs.POST;


import jakarta.ws.rs.Produces;


import jakarta.ws.rs.core.MultivaluedMap;


import jakarta.ws.rs.core.Response;


import org.keycloak.dom.saml.v1.protocol.SAML11ResponseType;


import org.keycloak.events.EventBuilder;


import org.keycloak.events.EventType;


@@ -12,18 +17,16 @@


import org.keycloak.services.Urls;


import org.xml.sax.InputSource;




import javax.ws.rs.Consumes;


import javax.ws.rs.POST;


import javax.ws.rs.Produces;


import javax.ws.rs.core.MultivaluedMap;


import javax.ws.rs.core.Response;


import javax.xml.namespace.NamespaceContext;


import javax.xml.xpath.XPath;


import javax.xml.xpath.XPathExpression;


import javax.xml.xpath.XPathExpressionException;


import javax.xml.xpath.XPathFactory;


import java.io.StringReader;


import java.util.*;


import java.util.Collections;


import java.util.Iterator;


import java.util.Map;


import java.util.Optional;




import static org.keycloak.protocol.cas.CASLoginProtocol.TARGET_PARAM;




@@ -36,9 +39,9 @@


    @Consumes("text/xml;charset=utf-8")


    @Produces("text/xml;charset=utf-8")


    public Response validate(String input) {


        MultivaluedMap<String, String> queryParams = request.getUri().getQueryParameters();


        MultivaluedMap<String, String> queryParams = session.getContext().getUri().getQueryParameters();


        try {


            String soapAction = Optional.ofNullable(request.getHttpHeaders().getHeaderString("SOAPAction")).map(s -> s.trim().replace("\"", "")).orElse("");


            String soapAction = Optional.ofNullable(session.getContext().getRequestHeaders().getHeaderString("SOAPAction")).map(s -> s.trim().replace("\"", "")).orElse("");


            if (!soapAction.equals("http://www.oasis-open.org/committees/security")) {


                throw new CASValidationException(CASErrorCode.INTERNAL_ERROR, "Not a validation request", Response.Status.BAD_REQUEST);


            }


@@ -49,7 +52,7 @@


            checkRealm();


            checkSsl();


            checkClient(service);


            String issuer = Urls.realmIssuer(request.getUri().getBaseUri(), realm.getName());


            String issuer = Urls.realmIssuer(session.getContext().getUri().getBaseUri(), realm.getName());


            String ticket = getTicket(input);




            checkTicket(ticket, renew);